Heist

@zms200 Thanks you ! I found thanks to hashcat and a new wordlist but I see what you meant.

Now, I use it everywhere but it don’t work ^^.

Type your comment> @MrB33n said:

@zms200 Thanks you ! I found thanks to hashcat and a new wordlist but I see what you meant.

Now, I use it everywhere but it don’t work ^^.

Try some mixing and matching :slight_smile:

Root taken.
For root, make sure, you dump all you want, else you will “learn” the hard way the use of flags, and why you should read the the help, before use. Props to @MinatoTW for this amazing box, and learning experience

I"m certain i have the correct user password but I cant get PS to work (access denied)? I’d love to PM someone and show them the command I am using…

Got root.
This is my first box from live machines. Thank you all for hints and thank you @MinatoTW .

got cracked 3 passwords, 2 users, but dunno what have to do next… can someone pm me how to continue?

from impacket i use lkd.py i get many user
i get cred C
e:Q******d
but i can’t use this cred no where
i try the other winrm auxiliere and exploit with this cred it don’t work it say wrong cred …

and i can’t import exploit from exploit-db to metasploit i don’t know why ?

Type your comment> @mikensen said:

got cracked 3 passwords, 2 users, but dunno what have to do next… can someone pm me how to continue?

you probably missing 1 user… try and mix :slight_smile:

is H****d my missing user? i cant find any impacket tool to use. too many asterix on that python file :smiley:

okay. I have no idea what I’m doing wrong. haven’t even got user.
I’ve looked around the box. cracked two easy hashes, but cant get the third. been running hashcat for hours and i feel like im doing everything wrong. (90,000 R U, and 35,000 via a custom R U list with only long passwords)
everything i’ve read here is not helping with this particular box.
can someone DM/PM me with tips.
thanks

EDIT: thanks to @mikensen for correcting my hashcat syntax :slight_smile:

How to crack cisco secret 5 hash please PM! Gracias.

I spent a lot of time trying to get this to work with native PS or Metasploit. The trick for me was to use E***-W****. If any one know why this worked with E***-W**** and not native PS or Metasploit, please MSG me so we can chat.

PM for Nuggets

Hack The Box

PM for Nuggets

Rooted!
Thanks @MinatoTW for this learning experience!
The root part took me waaaay more time and effort than the user one, but it was worth it!

i logged in to e***-wm, i found k4.b , uploaded prcd*p, but i dont know how to dump animal proccess… im rly stuck, pls PM me…

Type your comment> @mikensen said:

i logged in to e***-wm, i found k4.b , uploaded prcd*p, but i dont know how to dump animal proccess… im rly stuck, pls PM me…

Msg’d

Get rooted this box. Overall really good box. I hate when I can’t get a box because I choose one of 6 tools that does that same thing, and picked wrong. This is an easy (good) box, but you have to pick the right tools. PM me if your stuck…

Finally rooted :slight_smile:
Hint for user:
Check all ports and all credentials

Hint for root:
Animal have something inside.

Ps.
Is there any other way to root this box without d…p animal? Please PM, I’d like to learn something new :slight_smile:

edit : nvm. this box is the lesson

Nice machine, would have never gotten user or root without the forum.